name: Cilium Conn Disrupt Test
description: Setup and test cilium connectivity and connection disruption status after a caller-provided risky operation, such as upgrade or IPsec key rotation.

inputs:
  job-name:
    required: true
    type: string
  operation-cmd:
    required: true
    type: string
  extra-connectivity-test-flags:
    required: false
    type: string

runs:
  using: composite
  steps:
    - name: Setup Conn Disrupt Test
      shell: bash
      run: |
        # Create pods which establish long lived connections. It will be used by
        # subsequent connectivity tests with --include-conn-disrupt-test to catch any
        # interruption in such flows.
        ./cilium-cli connectivity test --include-conn-disrupt-test --conn-disrupt-test-setup \
          --conn-disrupt-dispatch-interval 0ms

    - name: Operate Cilium
      shell: bash
      run: |
        ${{ inputs.operation-cmd }}

    - name: Perform Conn Disrupt Test
      shell: bash
      run: |
        ./cilium-cli connectivity test --include-unsafe-tests --collect-sysdump-on-failure \
          --include-conn-disrupt-test \
          --flush-ct \
          --sysdump-hubble-flows-count=1000000 --sysdump-hubble-flows-timeout=5m \
          --sysdump-output-filename "cilium-sysdump-${{ inputs.job-name }}-<ts>" \
          --junit-file "cilium-junits/${{ inputs.job-name }}.xml" \
          ${{ inputs.extra-connectivity-test-flags }} \
          --junit-property github_job_step="Run conn disrupt tests (${{ inputs.job-name }})"
